PwC's Ajit Tripathi discusses the limits of automating business logic in smart contracts.

With solid expertise in financial markets and technology, PwC's Ajit Tripathi is part of a growing body of specialists examining the limits of automating business logic in smart contracts.

At a recent panel session during London Fintech Week Tripathi, director, FS: fintech and digital, PwC, pointed out that ambiguity can affect all types of contract, and also that there will always be a need to assure performance of contracts.

Financial instruments such as derivatives contracts contain little ambiguity and are highly parameterised contracts that have already been standardised by the International Swaps and Dealers Association (ISDA). In these contracts there is a large amount of text and preamble preceding the contract parameters. These are typically the date and time convention, what type of contract it is, what the terms are, and other parameters required to calculate cash flows calculated on an ongoing basis.

Tripathi told IBTimes UK: "Certain financial contracts including life and property insurance, derivatives, mortgages and commercial loans are some of the least ambiguous contracts that you can possibly think of. These contracts are the low-hanging fruit for smart contract technology contracts compared to contracts with a lot more ambiguity – a contract for marriage or will, for example."

Ambiguity in standardised contracts can come from the language of the contracts itself. But even in a programming language, developers often fail to express themselves correctly.

But ambiguity can also originate from the environment; ambiguity that is not inherent to the contract itself. Tripathi said: "Let's say at the time of entering the contract, certain facts were known and those facts no longer apply when it comes to settle the contract or to execute certain parts of the contract.

"That can happen in all sorts of situations. Most of the contracts around insurance, for example, build force majeure clauses into the contract – these are the conditions we know about, but if something extraordinary or disastrous happens then all bets are off."

Another source of ambiguity can come from the relationships between contracts. An extreme example of this was the bankruptcy of Lehman Brothers. This relates to which jurisdiction the contracts are being implemented in; in the case of bankruptcy, what is the order of credit meeting creditor obligations? These sorts of factors alone present a powerful use case for transparent, immutable ledgers in financial markets.

"If you look at each contract independently there is very little ambiguity, but when you look across a wider set of contracts and the overall obligations of these entities then you can end up with more ambiguity than you bargained for. It's a complex world."

Tripathi agreed that even smart oracles can provide a source of randomness which potentially undermines the necessarily deterministic world of blockchains. For example if a smart oracle relies on the time or the environment to provide inputs to a smart contract, or if information sent out by a smart contract affects the computation of a linked system, then the results of the process may not be deterministic. Smart contract languages like solidity avoid sources of randomness, such as time and random functions but it's the overall process flow, and not just the contract code that needs to be understood.

Tripathi said: "Ambiguity to me is a certain type of randomness, because you are talking about probabilities, some of which are known, some of which are not known. If a smart contract running on multiple nodes behaves differently, and the computation is not guaranteed, then maybe putting it on an immutable ledger causes more problems than having it on a plain old database, a centralised system."

The right use cases for smart contracts must be carefully considered and extensively tested. As Tripathi points out, if something goes wrong and the ledger is immutable, this creates an additional headache. Ethereum has learned this the hard way through The DAO, but to claim that private blockchains allow buggy smart contracts to be more easily unwound, suggests it may be better not to use them at all – again, a point hammered home by Gideon Greenspan.

Concerning the question of whether smart contract computation really needs to be on the blockchain, Tripathi cited Casey Kuhlman of Eris Industries, who has written about the fact that when the computation is in the blockchain and the code is on the blockchain, this allows you to verify that the code that was run was the right code and everybody else had the same code. "So you get verifiable code and verifiable data and not just data. Because if the code sits outside then who knows what version was run."

A political question in respect of financial market infrastructure concerns the level of decentralisation or intermediation accompanying distributed ledger technology. Within the sphere of private shared ledger systems there are approaches, such as R3 Corda and ICAP/Axoni that retain a lot of existing infrastructure.

On the other hand, there are proposals to move towards a more decentralised solution, such as Clearmatics. The latter uses a "Decentralised Clearing Network" of computers synched up to all agree on the automated life cycle of a financial contract; a special purpose entity to custodise initial margin and default fund assets, owned by clearing members without any CEO or executive.

The Clearmatics approach is to retain some desirable features of OTC markets, such as pre-trade price discovery and the customisability of OTC contracts, removing a concentration of risk within another set of institutions (CCPs) that are "too big to fail".

Tripathi pointed to the hundreds of value-added services that some of these intermediaries provide to real markets. He cited Dave Rutter of R3's comment that if you think blockchains will take out the DTCC, then you probably have no idea what the DTCC does.

"The DTCC or Euroclear enable very large trading volumes, market liquidity for a very low price. If I want to do a sizeable, let's say, $200m long and short relative value bond trade through Euroclear, then the cost in bps is actually quite low, depending on the instruments. This is possible because of securities borrowing and lending activity. Market makers need entities with vast centralised volumes because you need to be able to borrow and lend at almost zero cost.

"And there is a reason these entities are protected by regulation. The regulators understand these entities; they have taken 20-30 years to build them out and take a lot of settlement risk out of the system. Consumers such as funds and small investors also benefit significantly from the lower settlement risk and increased liquidity provided by these entities.

Tripathi said these central entities may not need to maintain the ledger, but he questioned a shared governance model. "It's perfectly fine to have a distributed ledger, but then who owns it, governs it, and manages it? Everybody managing it is not a solution. Who do you take to court if things go wrong? Who does software upgrades? Who does data migration?"

In conclusion, Tripathi said one of the most important benefits for distributed ledgers may be a reduction in macro-prudential risks resulting from transparency of asset ownership and liabilities. This is because in a distributed ledger, the data would not be hidden in one place, and reconciliations would be instantaneous and automated - and not three days after the fact.

"The way that is going to happen is by providing regulators and other market participants with the ability to rely on the ledger of ownership. What happens in financial crises is that there is a flight to quality; people take money out of risky assets and put money in risk-less assets or treasury bonds. The reason people do that is because it's impossible to tell who owes who what and how sound the financial health of each of the trading counterparties really is."

"If the central bank has a reliable view of the chain of liabilities, then market participants would be much more comfortable trading in a scenario where a major counterparty is potentially exposed to default. This applies not only to banks but also to insurers and reinsurers, which may be just as exposed to contagion as the big trading banks.

"This transparency aspect of distributed ledgers and the reduction in panic it could mean for investors is very powerful. Transparency is one of the core value propositions of blockchain technology and regulators recognise that."